It is definitely D. Please check out GTAG 7. A is clearly mentioned under the "Monitoring and Reporting" stage. B is clearly mentioned under the "Strategic Fit and Sourcing Evaluation" stage. C is clearly mentioned under the "Implementation and Transition" stage. Although "loss of assets" is a risk listed under multiple other stages, it is the only one of these four options that is listed under the "Tender Process and Contracting" stage - as shown, the other three options are clearly risks under different stages. Since this question is asking which of the four options below is a risk under the "Tender Process and Contracting" stage, it has to be D, because the other three are clearly stated in other stages.

According to IIA (Institute of Internal Auditors) guidance, the typical risk associated with the tender process and contracting stage of an organization's IT outsourcing life cycle is option B. There is a lack of alignment to organizational strategies. During the tender process and contracting stage of IT outsourcing, organizations may face the risk of not aligning the outsourced IT services with the organization's overall strategies and objectives. This means that the selected vendor or service provider may not fully understand or be able to support the organization's strategic goals, resulting in potential inefficiencies, conflicts, or missed opportunities.

Yomang is correct. Read the GTAG, it’s mentioned.

The correct answer should be C